Re: [exim] Apple mail...

Top Pagina
Deze boodschap maakt deel uit van devolgende draad:
M-+\de volledige draad-boom gesorteerd op datum
M.MMJohn Doe op <-
M\Frank Heydlauf op ->
Delete this message
Reply to this message
Auteur: W B Hacker
Datum:  
Aan: exim users
Onderwerp: Re: [exim] Apple mail...
John Doe wrote:
> Hi,
>
> is there a know problem (even though google did not find any) with Apple Mail and SSL...?

There WAS.

Years ago it made assumptions that were not always valid and that it had no
readily-accessable knobs to alter.

I *beleive* that was fixed around OS X 10.3.X or so - BUT more recently than 5
years back I plead ignorance, as I always, always, always replace Apple's mailer
with a proper MUA. Usually SeaMonkey's - which is very standards-compliant AND
easy to adjust.

Not to mention the Mac needs better browsers than wot Apple ships anyway.

>
> I setup authentication like that:
>
>
> tls_advertise_hosts = *
> tls_certificate = /etc/pki/tls/certs/exim.pem
> tls_privatekey = /etc/pki/tls/private/exim.pem
> log_selector = +tls_cipher +tls_peerdn
>
> tls_on_connect_ports = 465
> 
> PLAIN:
>   driver                     = plaintext
>   public_name                = PLAIN
>   server_prompts             = :
>   server_condition           = ${lookup mysql{AUTH_PLAIN_QUERY}{1}fail}
>   server_advertise_condition = ${if def:tls_cipher}
>   server_set_id              = $auth2

> 
> LOGIN:
>   driver                     = plaintext
>   public_name                = LOGIN
>   server_prompts             = <| Username: | Password:
>   server_condition           = ${lookup mysql{AUTH_LOGIN_QUERY}{1}fail}
>   server_advertise_condition = ${if def:tls_cipher}
>   server_set_id              = $auth1While it works fine with Thunderbird, Apple Mail just stall for 1mn and give up...
> And exim logs just says it failed...

>
> I also tried (found on some forum):
>
> server_prompts = "Username:: : Password::"
>
> But it did not help... any idea?
>
> Thx,
> JD
>

Scrap the Apple MUA.

It ain't worth the bother, as it is a lousy MUA anyway, human-interface and
features-wise.

Any of a half-dozen others - depending on user's prefs - are more useful, and
all will JFW w/r AUTH.

We've had no problem advising even low/no-expertise users over the phone w/r
downloading, installing, and configuring login settings with, for example,
SeaMonkey or Thundermug

Going up to 'root' and rm'ing all vestiges of the Apple Mail and its dodgy and
exploitable linked-to-everything address book is also a security plus.

YMMV, but the only non-Mac systems on our MTA are 'true' F/OSS *BSD.
so we've been at this for a while....

Bill




Deze boodschap werd naar devolgende mailinglijsten gestuurd:
Exim-users
Mailing Lijst Info | Nabije Berichten		<-[exim] ACL_NOT_SMTP and ratelimit questionRe: [exim] Sanity Check: 5 short router questions->
Tahini and Hummus and Cumin Development Archives beheerd door cumin AdminsLurker (versie 2.3)